Duo adds a layer of security to your accounts. Verifying your identity using another factor, like your smartphone, mobile device, hardware token, or entering a security code, prevents anyone but you from logging in, even if they know your password. You'll log in as usual with your username and password, and then use your device to verify that it's you.
Beginning June 6, 2023, you will no longer be able to use Duo Mobile Passcode for multifactor authentication with Davidson accounts.
Table of Contents
Duo Device and Software Requirements
Configuring Duo on a New Phone
Authenticate Using Duo Verified Push
Authenticate Using a Duo Token
My Primary Duo Authentication Device is Lost or Broken
Add an Additional Device to Duo Mobile
Use Duo Mobile to Protect Non-Davidson Accounts
Duo Security FAQ
Q: Why do I need Duo multifactor authentication?
A: Usernames and passwords provide some protection; however, over time bad actors have devised numerous ways to crack these credentials. In order to improve the protection of sensitive data elements, multifactor authentication (MFA), are required:
- Something you know (a password), and
- Something you have (usually a mobile device)
Q: What services are protected with Duo?
A: All applications that offer SSO (single sign-on), such as Office 365, Google Drive/GSuite, Moodle, Zoom, Slate, and Maxient require Duo multifactor authentication. Additionally, VPN access from off-campus and confidential applications like Banner and Blackbaud require Duo.
Q: What devices are supported by Duo?
A: You can read our documentation on the devices supported by Duo. Further questions can be directed to the T&I Support Center at ti@davidson.edu or 704-894-2900.
Q: Once I have Duo, how can I authenticate?
A: There are several methods to authenticate in Duo:
- Duo Mobile Push
If you use your smartphone or tablet, you can install the Duo Mobile app and send a notification to your device. To authenticate, you choose to Accept or Deny the request on your mobile device. - Using a personal hardware token/fob
If you have a hardware token already (ex: Yubikey), you can insert the token like a USB and tap it to authenticate, or use Touch ID on a Mac. - Using a provided Duo token
If you cannot or will not use your mobile device to authenticate, the T&I Support Center can provide you with a Duo token. You will press a button on the token to generate a passcode that you can then enter in the portal.
Q: Do I need a smartphone to use Duo? What if I don’t have a smartphone?
A: If you have a smartphone, you’ll find it makes Duo more convenient.
- You probably already have your smartphone with you, and it’s easy and quick to acknowledge a login through the Duo app.
- You can choose to use the Duo app for multifactor protection on personal services like Gmail, Instagram, Facebook, and other sites.
- If you do not own a compatible smartphone, T&I will provide one Duo key fob (for students) or one authentication key (faculty/staff) at no cost.
Q: My account is locked out. What should I do?
A: If you exceed 10 failed login attempts, your account will be locked down. Please contact the T&I Support Center at ti@.davidson.edu or 704-894-2900 for assistance.
Q: I lost or broke my primary authentication device. What should I do?
A: Please take action ASAP if you’ve lost your phone so that no unauthorized person(s) can access your account. Call 704-894-2900 to walk through your next steps.
Q: How do I add an additional device?
A: Go to duo.davidson.edu, log in with your Davidson College credentials, and select Manage Devices
Q: I purchased a new phone. How do I set up my new device?
A: If you still have access to your old device or a backup authentication device, go to duo.davidson.edu and click on manage devices. If you do not have access to your old device or backup device, you can contact the T&I Support Center at 704-894-2900 for assistance.
Q: I’m having trouble authenticating in Duo. What should I do?
A: Please read this article for solutions to some common authentication problems. If you still have questions or concerns, please contact the T&I Support Center at ti@davidson.edu or 704-894-2900.
Duo Device and Software Requirements
For security reasons, users are required to keep their devices up-to-date. If you are a high-risk user, you will be required by Duo to do so.
You will be warned, and perhaps blocked, whenever your OS, Flash and/or Java plugins, or browser are out of date. If you are blocked, please contact the Support Center.
Please note that these are the minimum requirements and that it's always a good idea to keep your devices up-to-date.
Mobile Device Requirements
| Device Type | Supported Platform |
| iOS | iOS 14.0 or newer |
| Android | Android 10.0 r |
OS and Software Requirements
All users will be warned whenever your OS, Flash and/or Java plugins, or browser are out-of-date and blocked if they do not meet the following requirements:
| Browser | No more than 1 year out of date |
| Flash and Java plugins | No more than 1 year out of date |
| Windows OS | At least Windows 7 |
| macOS | At least Mac OS X 10.14 Mojave |
Additional Requirements for Applications with Highly Sensitive Data (testing phase currently in progress)
Access to Banner Admin Pages and Etrieve is restricted to Davidson-owned workstations.
Attempts to login to Etrieve or Banner Admin Pages from a non-Davidson-owned computer will fail with an error message similar to the following:
Duo Troubleshooting
If you are having difficulties with Duo, read about some of the common issues below to help troubleshoot.
If you are using Duo Mobile, does your phone have a passcode?
For security reasons, Duo requires that high-risk users have some type of mobile device screen lock whether it’s a pattern, passcode, biometric, etc.
Is the date and time on your device correct?
In order to authenticate properly, the date and time on your device needs to be correct. You can typically set your device to automatically adjust the time settings.
Are your browser, plugins, and operating system up-to-date?
Duo requires that you keep your chosen browser, plugins, and operating system up-to-date in order to authenticate. Read the article below for Duo requirements for your browsers, plugins, and operating systems: Duo Browser, Plugin, and OS Requirements
Is your Duo Mobile app updated?
All high-risk users are required to have up-to-date security updates for Duo Mobile.
Configuring Duo on a New Phone
New Phone? No problem! If you still have your old device, you can use the instructions below to activate Duo on your new device.
Add an Additional Mobile Device to Duo Mobile
We recommend that you add a second device in Duo in case you forget or lose your primary authentication device.
- On any computer, visit duo.davidson.edu and click on "manage devices"
- Authenticate with Duo
- Select + Add another device
- On the What type of device are you adding? dialog box, click on the appropriate radio button and then click on the Continue button.
Mobile phone
- Enter your cell phone number
- Confirm you entered your phone number correctly via the check box
- Click on the Continue button
- Select the type of phone (iOS or Android)
- Click on the Continue button
- Install Duo on the new mobile phone (if you haven't already), scroll down in the dialog box and click on the I have Duo Mobile button
- On the new mobile phone:
- Open the Duo Mobile app
- Tap the + button
- Use the camera on your device to scan the barcode on the screen
You should now see Davidson College listed in your Duo mobile app on your new phone.
To help protect your Duo account from unauthorized activity, you will receive a Duo push and an email notification from no-reply@duosecurity.com when you add or remove an authentication device in Duo.
Authenticate Using Duo Push
1. Unless you are using a hardware token or a security key as your 2-factor authentication device, Duo Push is configured as the default authentication method. If Duo Push is not your default authentication method in Duo, you can still perform a Duo push by clicking cancel on the initial prompt:
2. Then select Other options:
3. Under Other options to log in, select Duo Push:
4. Upon selecting Duo Push, you should see a popup similar to the one below asking you to check for the push on your device:
5. In the Duo app on your device, verify that the application name matches the name of the application you are logging in to and then select the green check mark to approve:
Authenticate Using Duo Verified Push
(test phase currently in progress)
Risk-Based Verified Push increases the security of Duo multi-factor authentication by requiring users to enter a six-digit code that is displayed in a popup window into the Duo mobile app when Duo detects the authentication is “risky.” Requiring a verification code helps to mitigate the risk of "push harassment" attacks where multiple, successive push notifications are sent in an effort to trick users into accepting a push for a fraudulent login attempt. It also reduces the risk of "push fatigue" where users pay less attention to their logins and absent-mindedly accept a fraudulent push.
If you see a popup like the one above, Duo has detected an anomaly in your authentication and has elevated your authentication method to a verified push. To authenticate, simply enter the 6-digit code displayed on the popup into the Duo mobile app.
Some applications that contain highly sensitive data will always send a verified push. For those applications, the code will be a 3-digit code as long as Duo does not detect any anomalies in the authentication attempt. If the authentication attempt appears to be anomalous or risky, a 6-digit code will be required.
Authenticate Using a Duo Token
Supported Browsers
- Click the Device dropdown
- Choose
- Enter the passcode into the Duo portal.
My Primary Duo Authentication Device is Lost or Broken
We recommend that you follow these instructions ASAP if you’ve lost your device so that no unauthorized person(s) can access your account.
If you DO NOT have a backup authentication device:
Contact the T&I Support Center ASAP so that we can:
- Delete the device from your account
- Set you up with a temporary Duo token for authentication until you find or replace your lost device
If you have a backup authentication device:
Examples include Touch ID, U2F Key, or a secondary device with Duo Mobile installed, such as an iPad
- Visit duo.davidson.edu and select manage devices.
- Next to the lost device, choose Delete Device so that no unauthorized person(s) can authenticate into your account. You will need to use your backup device for authentication until you find your old device or purchase a new device.
Add an Additional Mobile Device to Duo Mobile
We recommend that you add a second device in Duo in case you forget or lose your primary authentication device.
- On any computer, visit duo.davidson.edu and click on "manage devices."
- Authenticate with Duo.
- Select + Add another device.
- On the What type of device are you adding? dialog box, click on the appropriate radio button and then click on the Continue button.
Mobile phone
- Enter your cell phone number
- Confirm you entered your phone number correctly via the check box
- Click on the Continue button
- Select the type of phone (iOS or Android)
- Click on the Continue button
- Install Duo on the new mobile phone (if you haven't already), scroll down in the dialog box and click on the I have Duo Mobile button
- On the new mobile phone:
- Open the Duo Mobile app
- Tap the + button
- Use the camera on your device to scan the barcode on the screen
Tablet
- Select the type of tablet (iOS or Android)
- Click on the Continue button
- Install Duo on the new tablet (if you haven't already), scroll down in the dialog box and click on the I have Duo Mobile button
- On the new tablet:
- Open the Duo Mobile app
- Tap the + button
- Use the camera on your device to scan the barcode on the screen
To help protect your Duo account from unauthorized activity, you will receive a Duo push and an email notification from no-reply@duosecurity.com when you add or remove an authentication device in Duo.
Use Duo Mobile to Protect Non-Davidson Accounts
The Duo Mobile Application can not only provide a second factor for Davidson-protected services, but it can also generate passcodes to act as a second factor for other applications you might want to protect like a password manager or online banking account.
-
Check to see if your service offers multi-factor authentication (MFA). Here are some of the common applications that offer MFA: Google, LastPass, DropBox, Amazon, Twitter, Facebook.
-
Under their MFA options, choose Authenticator App or Code Generator App. The service should generate a QR code.
-
Open the Duo Mobile App on your mobile device.
- Press the + button in the upper right hand corner, and scan the QR code. A new account should be added to your Duo Mobile App.
- To complete 2FA setup, the service should ask you for a confirmation code. Press the key next to your account in your Duo Mobile App and it will generate a 6-digit passcode.
- From then on out, whenever you log in to that service, it should ask you to enter a 6-digit passcode from the Duo Mobile App.